Blog

Enforce Security Through Policy-as-Code

Automation is key for so many reasons; it can help to speed up the security workflow, from alerting, to ticketing, to task assignment and remediation, it can help to combat threats in real-time and even enable you to impose policy as code. Companies that embrace the DevOps movement invest a lot in automation, and for […]

Read More…

Talks and Tools from Black Hat 2019

Cloud & Container Security: Three Great Talks and Tools from Black Hat 2019

Last week thousands of security professionals descended upon Las Vegas for Hacker Summer Camp (despite warnings of swarming locusts!). Lacework Labs was there to take in all the sights and sounds. It was exciting to see such an emphasis on cloud and container security. There was much discussion on Kubernetes, containers, DevSecOps, and cloud provider […]

Read More…

Cloud Anomaly Detection and Vulnerability Assessment Needs to Yield Actionable Alerts

Continuous real-time anomaly detection and behavioral analysis must be capable of monitoring all event activity in your cloud environment, correlate activity among containers, applications, and users, and log that activity for analysis after containers and other ephemeral workloads have been recycled. This monitoring and analysis must be able to trigger automatic alerts. Behavioral analytics make […]

Read More…

Developing a Cloud & Container Incident Response Plan

Developing a Cloud & Container Incident Response Plan

Critical to eliminating or reducing the impact of security incidents is to have an incident response plan. Without a well-planned incident response plan, it is nearly impossible to manage complex incidents affecting multiple services and teams in a high-stress situation. If you already have an incident response plan in place and automated configuration compliance, they […]

Read More…

A Quick Guide to Container Orchestration Vulnerabilities

A Quick Guide to Container Orchestration Vulnerabilities

Containers and containerized applications running on cloud resources are delivering new levels of speed and efficiency to modern development teams. Containers are optimized for agile deployment, so they require less coordination and oversight than on-premises or virtualized infrastructures and, in many cases, are simply more flexible. Automated, continuous integration and delivery pipelines help ensure code […]

Read More…

Enhancing Native Kubernetes Security

By 2022, 75% of enterprises (a sharp rise from 30% in 2019) are expected to run containerized applications globally. The visible benefits of automating container orchestration with Kubernetes is a key force behind this rapid adoption. Unfortunately, this also increases risks as a compromise in Kubernetes can potentially impair the entire containerized environment.  The hyper-dynamic […]

Read More…

Lacework Threat Detection in Cloud Environments: A Quick Guide

There’s an enormous amount of event activity in the cloud. A busy cloud environment can generate eight to ten billion events per month, which makes threat detection a challenge. Moreover, in the cloud where ephemeral servers and containers come and go on-demand, malicious activity can escape detection unless the visibility into events and behaviors is […]

Read More…